CENTRALIZED IDENTITY SERVICES
Setting up central IAM services for an enterprise is a major undertaking, but IAM administrators don’t have to go it alone. You can improve speed and agility across your business with a self-service portal that allows application owners to integrate their own apps and consume IAM services. PingCentral is a converged operating portal that complements the native admin user interfaces within each product by adding a self-service layer and solving common tasks across the Ping Intelligent Identity™ platform.
Using simple workflows and standard templates, delegated administrators can onboard and manage their own apps without needing IAM expertise. PingCentral also provides orchestration automation, lifecycle management, and central monitoring for all applications and APIs across all instances of Ping products in any environment tier. Your internal business customers can leverage centralized IAM services to launch new resources with confidence.
CENTRALIZE YOUR CLOUD APP MANAGEMENT
The PingOne for Enterprise administrative portal provides comprehensive capabilities for managing cloud-based access to the applications your workforce and partners use most. The portal includes streamlined workflows for adding SAML connections to a large library of SaaS applications, as well as adding custom OIDC applications. Admins can also easily manage users and directory groups in the included directory. To track usage and identify potential security violations, PingOne for Enterprise provides a dashboard and monitoring reports.
PROTECT APPS WITH POLICIES
PingAccess provides a dedicated UI for setting application access policy. Administrators can conveniently integrate proxy- and agent-based security for applications while managing the sites, agents, sessions and rules that support them. A simple and straightforward UI allows administrators to build granular policies for applications and resources with groups of rules combined through ‘and/or’ logic.
MIGRATE LEGACY WAM POLICIES
Administrators can use the convenient PingAccess policy migration tool to efficiently migrate applications from legacy web access management (WAM) providers such as CA SiteMinder or Oracle Access Manager 10g or 11g. You can load a policy export, choose existing PingAccess and PingFederate policies to use as a template, and deploy applications as new policies to a PingFederate and PingAccess environment. Administrators can accelerate an otherwise manual process, while greatly improving the accuracy of migrating hundreds of policies from your legacy WAM system to PingAccess.
PingFederate allows administrators to build cohesive SSO systems that incorporate disparate sign-ons and user directories to provide a single, consistent authentication policy. Admins can set up the authentication server and its variety of connections using SAML, OAuth and OIDC. Connections can be configured through a step-by-step workflow to allow PingFederate to act as an identity provider or an authentication service provider. Plus, admins can create robust and secure policies using a graphical logic tree built with information about incoming sign-on requests.
manage and monitor your
Administrators can view the many attributes of their LDAP database through the PingDirectory administrative UI. Many aspects of data stored in PingDirectory, including the LDAP schema, can be viewed or managed through this interface. Administrators can also keep tabs on the health of their directory through alarms, alerts and monitors that can be configured for key circumstances, such as unusually high CPU usage.
delegate account management
PingDirectory includes a self-service delegated user administration tool that enables admins to delegate simple profile management to a variety of other administrative roles, such as helpdesk personnel and customer service representatives. This helps administrators efficiently manage all of their user identities at scale and deliver a frictionless customer experience.
System admins can give individuals or groups, like helpdesk and CSR admins, the ability to search/view/edit profiles, unlock accounts and reset passwords. Admins can also easily provide access to groups, organizations or an entire directory. They can manage group and role membership on their own, or they can delegate the creation of users and groups to their customers or partners. At the same time, admins can support single page applications (SPA) for simple deployment. All of these features make it easy for administrators to decide how they want to manage identity profiles for their various enterprise users.